VMware Compromised

VMware is ubiquitous, to put it mildly. It is used in many sections to the tech industry around the world. Therefor, a major vulnerability to VMware would be a cause for great alarm. So, of course, a major vulnerability in VMware was recently discovered. VMware’s directory service, vmdir, has a major information-disclosure bug that could leave many companies vulnerable in the near future.

vmdir is part of VMware’s vCenter Server, a provider of centralized management of virtual hosts and machines. Specifically, it is a part of the Single Sign-On mechanism used by admins. The problem is that, according to VMware’s security advisory on the topic, “Under certain conditions vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller, does not correctly implement access controls.” VMware went on to state that they have evaluated the severity of the issue to be a 10.0 on the CVSSv3 scale.

Any attacker that can access a system through this vulnerability would be able to gain access to a great deal of highly sensitive information, according to threatpost . threatpost also noted that the information could be used to compromise the vCenter Server itself along with other services dependent on vmdir for authentication. This vulnerability will, without a doubt, have massive ongoing effects as companies who are too slow to update find themselves losing data. Just another reason to keep your software up to date, I suppose.

VMware’s Advisory: https://www.vmware.com/security/advisories/VMSA-2020-0006.html

Tara Seals’ article from threatpost: https://threatpost.com/critical-vmware-bug-corporate-treasure-hackers/154682/